I know that rootkits aren’t detected by most of the AV’s…

WHY ?

Wouldn’t it be easy to add a simply signature to detect the .exe’s that launches these kits ?

I know this is no way to stop them if there modified & hex-edited & packed & encrypted, but it could atleast stop those “ignorant simply users” to download them from the internet. (orginal versions)

There are only a few rootkits around for Windows (not more that 6 or 7).

And ALL of them are quite easy to find just searching Google.

If you want i can sent you the samples asap.

Btw : I hope the Linux version of AVAST detects these monsters, as Linux rootkits are VERY common these days.

Please comment on this post. I consider this a serious mather.

Waldo